Learn how Caylent's experts engineer security into your AWS environments, ensuring you receive optimal technical implementation in addition to governance and compliance against popular standards like HIPAA.
How does our engineering team engineer security into what we do for our customers?
We focus generally on the engineering side of automation. We like to have our security controls done via code and things like the AWS conformance packs really help with that because there are pre-built controls that we can use to do kind of standard things like PCI compliance.
It's really nice because you have a situation where our customers now aren't having to build something for themselves and reinvent the wheel. They're able to take advantage of what AWS has built. That solves for the technical challenges that align towards the technical requirements or what has to happen in the AWS environment.
When you get to policies and procedures, do you find that some of our startup customers are likely to have what they need on the government side of the house in addition to the technical?
Generally, they can really use help when it comes to the writing of policy and documenting those policies as well, so that they actually match the technical deployments that we're doing. One of the things we found is that you've got startups that are focused on the product, or you've got young companies that are focused on product development, and they may not be as focused on HIPAA compliance, for example, knowing the ins and outs of the policies that they need, not just within AWS but also their personnel policies and user computing policies. And so one of the things that we've been developing at Caylent is a starter pack for policies and procedures for the different common frameworks like HIPAA & PCI, so that we can marry the technical implementation along with the policies and procedures that are needed to talk to an auditor, to speak to the entire company's compliance against a standard.
So with customers that are newer to compliance and maybe need some help writing policies or need discovery done to discover essentially what they already have deployed versus what needs to be done, what can we do to help?
Some customers are just new to a standard in general. So there's the CAIQ, a "consensus assessment investment questionnaire", that allows us to map to multiple standards.
So if you don't know what you don't know about conforming to PCI or conforming to HIPAA, these can give customers a leg up on where they're at and understand what the gaps are, and prioritize that. So there's going to be a list of things that need to be accomplished for, say, PCI compliance. And it's something that would work with them over a short engagement to make sure that they understand where they are.
Now, that's going to show up things that are technical to the AWS environment as well as policies and procedures gaps, but what's interesting is our AWS Control Tower Caylent Catalyst. It already sort of addresses and gets ahead of that. It anticipates that a lot of our customers are going to be regulated. We apply, almost presumptively, the same processes we're using for customer compliance as well.
We deploy the normal standard guardrails that come with the Control Tower - CPEs and your config rules, and we also do custom ones. We can deploy ones from the AWS conformance packs. We can also add in any custom rules that are policies that are directly related to what the customer has written themselves. Now, the nice thing about that is really quickly getting to baseline compliance so that you're sure that you're getting what you need for your customers, you're getting what you need for future auditors, and making sure you're doing things and adopting AWS in a secure way.
Zach Tuttle is a Principal Customer Solutions Architect with over 25 years of IT experience, including a decade focused on on-premise VMware-based data centers. For the past nine years, he has been working with AWS partners, empowering customers to successfully build and innovate on AWS. Zach is particularly passionate about guiding customers through their initial steps into cloud computing and DevOps. He enjoys being involved with his two kids' sports activities, cooking and home DIY renovation.
Mark Olson, Caylent's Portfolio CTO, is passionate about helping clients transform and leverage AWS services to accelerate their objectives. He applies curiosity and a systems thinking mindset to find the optimal balance among technical and business requirements and constraints. His 20+ years of experience spans team leadership, technical sales, consulting, product development, cloud adoption, cloud native development, and enterprise-wide as well as line of business solution architecture and software development from Fortune 500s to startups. He recharges outdoors - you might find him and his wife climbing a rock, backpacking, hiking, or riding a bike up a road or down a mountain.